package timgmbh.monopoly.services;

import java.sql.PreparedStatement;
import java.sql.ResultSet;

import javax.servlet.http.HttpSession;

import timgmbh.monopoly.objects.User;

public class SessionService {
	//**********************************************************************************************************
	//**********************************************************************************************************
	//DECLARATION of Variables
	private static User user;
	private static boolean admin;
	private static HttpSession session;
	
	//**********************************************************************************************************
	//**********************************************************************************************************
	//PUBLIC METHODS
	
	public static void init(){
		//Update session
		session = ParserService.request.getSession();
		
		try {
			//Create new User-object
			int id = (int)session.getAttribute("id");			
			if (user != null) {
				if (user.getID() != id) {
					user = new User(id);
					user.nowActive();
					user.save();
				}
			} else {
				user = new User(id);
				user.nowActive();
				user.save();
			}
			admin = user.getAdmin();
		} catch (Exception e) {
			user = null;
		}
	}
	
	public static boolean login(String username, String password) {
		init();
		
		//Check of password
		try {
			//Encryption of Password
			password = SecurityService.getMD5Hash(password);
		} catch (Exception e) {
			//if encryption unsuccessful, false is returned > login failed
			System.out.println("Error: " + e.getClass() + ": " + e.getMessage());
			return false;
		}
		
		//Database-Query
		int id;
		PreparedStatement stmnt = null;
		ResultSet res = null;
		try {
			//execute Query
			stmnt = DatabaseService.getConn().prepareStatement("SELECT `ID`, `ADMIN` FROM `USER` WHERE `USERNAME` LIKE ? AND `PASSWORD` LIKE ?");
			stmnt.setString(1, username);
			stmnt.setString(2, password);
			stmnt.execute();
			res = stmnt.getResultSet();

			//Stop, if no data set was found with right criteria
			if (res.next() == false) {
				return false;
			}
			else {
				//Declaration of variables id and admin
				id = res.getInt("ID");
				if (res.getBoolean("ADMIN") == true) {
					admin = true;
				}
			}
		} catch (Exception e) {
			System.out.println("Error: " + e.getClass() + ": " + e.getMessage());
			return false;
		} finally {
			try {
				res.close();
				stmnt.close();
			} catch (Exception e) {
				System.out.println("Error: " + e.getClass() + ": " + e.getMessage());
				return false;
			}
		}

		//Creation of User Object
		User temp = new User(id);
		SessionService.user = temp;
		session.setAttribute("id", id);
		
		return true;
	}
	
	public static boolean logout(){
		init();
		
		//Declaration of default variables
		user = null;
		admin = false;
		//Removal of attribute ID
		session.removeAttribute("id");;
		
		return false;
	}
	//*********************************************************************************************************
	//*********************************************************************************************************
	//Getter-Methods
		//returns user
	public static User getUser() {
		init();
		return user;
	}

		//returns if user is admin
	public static boolean isAdmin() {
		init();
		return admin;
	}
}
